From djm at mindrot.org  Sun May  1 19:18:18 2011
From: djm at mindrot.org (Damien Miller)
Date: Sun, 1 May 2011 19:18:18 +1000 (EST)
Subject: [netflow-tools] netflow v9 mean opinion score
In-Reply-To: <2016454860.142.1298333952441.JavaMail.root@zcs>
References: <2016454860.142.1298333952441.JavaMail.root@zcs>
Message-ID: <alpine.BSO.2.00.1105011918110.27150@natsu.mindrot.org>

On Mon, 21 Feb 2011, reza a wrote:

> does pfflow support netflow v9 and mean opinion score?

no

From djm at mindrot.org  Sun May  1 19:19:10 2011
From: djm at mindrot.org (Damien Miller)
Date: Sun, 1 May 2011 19:19:10 +1000 (EST)
Subject: [netflow-tools] softflowd - netflow v9
In-Reply-To: <654434709.186.1298611796969.JavaMail.root@zcs>
References: <654434709.186.1298611796969.JavaMail.root@zcs>
Message-ID: <alpine.BSO.2.00.1105011918210.27150@natsu.mindrot.org>

On Thu, 24 Feb 2011, reza a wrote:

> Hello all,
> Does softflowd allow you to measure VoIP metrics such as Jitter, MoS,
> RTT when utilizing Netflow v9?

No, if these values are tagged then it might be possible to capture them
with an extension to the storage format though.

-d

From screw.badluck at seznam.cz  Tue May  3 23:06:35 2011
From: screw.badluck at seznam.cz (screw.badluck at seznam.cz)
Date: Tue, 03 May 2011 15:06:35 +0200 (CEST)
Subject: [netflow-tools] softflowd timeouts
Message-ID: <394.206.472-19934-1399420772-1304427995@seznam.cz>

Hi, 
 does timeouts work when reading data from file?

 Also with some connections, the end_time is far in the future than it should be. At time of "wrong" end_time new connection with same SRC/DST IP/PORT is made and therefore the old flow is expired (at least that's what i think). This would even works though, but it is expired with the new connection's SYN packet timetimestamp as end_time.
 The previous connection is ended by both side sending. 
 I tried to eliminate this by using -t tcp.fin 10, but with no effect. Same for "general", "tcp" and "maxlife".

 Thank you for any hints.

From mikydevel at yahoo.fr  Sun May 22 00:55:56 2011
From: mikydevel at yahoo.fr (Mik J)
Date: Sat, 21 May 2011 15:55:56 +0100 (BST)
Subject: [netflow-tools] Flow result display
In-Reply-To: <394.206.472-19934-1399420772-1304427995@seznam.cz>
Message-ID: <260304.30587.qm@web28007.mail.ukl.yahoo.com>

Hello,

Sorry to ask the question again but I'm lost with this.
I think I'm able to collect flows from my OpenBSD

# flowd-reader /tmp/flowd
FLOW recv_time 2011-05-21T16:46:51.653132 proto 17 tcpflags 00 tos 00 agent [127.0.0.1] src [192.168.1.23]:161 dst [192.168.1.15]:35504 packets 1 octets 81

I would like to know how to proceed to get some graphs cacti style or pizza style (with slices of my traffic)

Thank you